Explore the importance of Software Bill of Materials (SBoM) in container building through this insightful conference talk. Learn about the limitations of post-build SBoM generation and discover how to create more accurate and consistent SBoMs during container build time. Dive into the basics of container construction, understand the OCI specification, and explore tools like Tern and Buildah for generating SBoMs. Gain valuable insights on improving transparency in container builds, managing artifacts, and achieving reproducible builds. Understand the challenges faced by SaaS providers in generating SBoMs and the limitations of static analyzers. Discover opportunities to get involved in this crucial aspect of container security and management.
Back to the Drawing Board - Building Containers with SBoMs